[pacman-dev] [PATCH v3 2/2] repo-add: Reject armored signatures

Johannes Löthberg johannes at kyriasis.com
Sat Jun 13 13:45:45 UTC 2015


Pacman cannot handle armored signatures, so make repo-add error out if
one is detected.

Signed-off-by: Johannes Löthberg <johannes at kyriasis.com>
---
Error message changed as per IRC discussion with Allan

 scripts/repo-add.sh.in | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/scripts/repo-add.sh.in b/scripts/repo-add.sh.in
index 7e242ce..69993a9 100644
--- a/scripts/repo-add.sh.in
+++ b/scripts/repo-add.sh.in
@@ -364,6 +364,10 @@ db_write_entry() {
 
 	# compute base64'd PGP signature
 	if [[ -f "$pkgfile.sig" ]]; then
+		if grep -q 'BEGIN PGP SIGNATURE' "$pkgfile.sig"; then
+			error "$(gettext "Cannot use armored signatures for packages: %s")" "$pkgfile.sig"
+			return 1
+		fi
 		pgpsigsize=$(@SIZECMD@ -L "$pkgfile.sig")
 		if (( pgpsigsize > 16384 )); then
 			error "$(gettext "Invalid package signature file '%s'.")" "$pkgfile.sig"
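Review bot: The added `grep -q 'BEGIN PGP SIGNATURE' "$pkgfile.sig"` runs before the existing `pgpsigsize > 16384` check, so the file is scanned in full before its size has been bounded. Consider moving the armor test below the size check so an oversized `.sig` is rejected first. The pattern is also unanchored, so it matches that string anywhere in the file. Matching the full header at the start of a line, for example `grep -q '^-----BEGIN PGP SIGNATURE-----'`, would tie the rejection to an actual armor header. A short comment above the new test saying that pacman only accepts binary detached signatures would also help, since the existing comment only mentions the base64 step.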
-- 
2.4.2

